package cn.lhl.web.shiro;

import cn.lhl.common.utils.Encrypt;
import cn.lhl.domain.system.User;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;

public class CustomCredentialsMatcher extends SimpleCredentialsMatcher {
    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        //此方法主要加密密码和对比密码
        //先将其转换
        UsernamePasswordToken upToken = (UsernamePasswordToken) token;

        //获取邮箱做密码加密使用
        //User user = (User) info.getPrincipals().getPrimaryPrincipal();

        //token中存储的是前台传的密码,info中的是数据库中的密码
        String password = String.valueOf(upToken.getPassword());

        String dbpassword = String.valueOf(info.getCredentials());

        String email = upToken.getUsername();

        //加密前台传入的密码
        String string = Encrypt.md5(password, email);

        return dbpassword.equals(string);
    }
}
